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A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH (S) OR THIRTY (30) DAYS, 
WHICHEVER IS LONGER, FROM THE MAILING DATE OF THIS COMMUNICATION. 
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3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1 935 CD. 1 1 f 453 O.G. 21 3. 
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DETAILED ACTION 

1 . This action is in response to the Request for Continued Examination (RCE) 
received on July 1 1 , 2005. Claims 2,4-5, 6-1 2,14,1 6, and 1 8-22 are currently being 
considered; 

Claim Objections 

2. Claims 2, and 14 are objected to because of the following informalities: Claims 2 
and 14 are dependent on claims 4 and 16, respectively. This is improper because a 
claim must be dependent on a preceding claim. Appropriate correction is required. 

Claim Rejections - 35 USC §112 
The following is a quotation of the second paragraph of 35 U.S.C. 112: 

The specification shall conclude with one or more claims particularly pointing out and distinctly 
claiming the subject matter which the applicant regards as his invention. 

3. Claim 7 recites the limitation "said indication" in the second line of the claim. 
There is insufficient antecedent basis for this limitation in the claim. 

4. Claims 7-1 1 recite the limitation "said resource." The claims 7-1 1 all are 
dependent on claim 6, which is cancelled. Therefore, there is insufficient antecedent 
basis for this limitation in the claims. 

5. Claims 2 and 5 recite the limitation "said providing step." There is insufficient 
antecedent basis for this limitation in the claim. 



Claim Rejections - 35 USC § 102 
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The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 
A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public 
use or on sale in this country, more than one year prior to the date of application for patent in the United 
States. 

6. Claims 2,4-5, 6-12, 14,16,18-22 rejected under 35 U.S.C. 102(b) as being 
anticipated by Gasser et al. (U.S. Patent 5,220,604). 

Regarding claim 4, Gasser discloses: 

A method for evaluating a set of credentials comprising at least one group 
credential in response to a request to access a resource, comprising: 

ascertaining at least one first trust rating within at least one of said credentials 
within said set of credentials including said group credential, wherein each of said first 
trust ratings is associated with a level of confidence in information being certified within 
the respective credential (column 10 lines 7-17, column 10 lines 35-43, column 10 line 
66 - column 1 1 line 44), wherein a set of certificates (credentials) are used to verify if a 
user is a member of a group by analyzing different groups/subgroups, wherein the trust 
rating is interpreted as the presence or absence of membership in a group; 

in the event said set of credentials forms a plurality of certification paths having at 
least one credential in each of said paths, determining for each of said plurality of 
certification paths a third trust rating equal to the lowest trust rating in the credentials of 
the respective certification path (column 8 line 54 - column 9 line 10, column 10 lines 
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50-65), wherein the certifying authorities which are nearby the branches of the directory 
have a higher trust level; 

determining a second trust rating for said set of credentials based, at least in 
part, upon an analysis of said at least one first trust rating by assigning said second 
trust rating equal to the highest trust rating of said third trust ratings (column 10 lines 7- 
1 7, column 1 0 lines 35-43, column 1 0 line 50 - column 1 1 line 44) wherein the 
principals' certificates (credentials) are analyzed, and based on the certificate, it is 
determined if the principals are members of a particular group, and any of the principals 
containing a valid certificate is granted access which is interpreted as taking the highest 
trust rating; and 

granting access to the resource in the event said second trust rating satisfies 
predetermined criteria (column 11 lines 1-6). 

Claim 2 is rejected as applied above in rejecting claim 4. Furthermore, Gasser 
discloses: 

The method of claim 4 wherein said providing step includes the step of 
comparing said second trust rating to a predetermined trust rating threshold and 
wherein said predetermined criteria comprises said predetermined trust rating threshold 
(column 1 1 lines 1-36), wherein if a principal has a certificate designating the principal 
as a member of a group, it is allowed access, otherwise it is not. 
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Claim 5 is rejected as applied above in rejecting claim 4. Furthermore, Gasser 
discloses: 

The method of claim 4 wherein said providing step includes the step of 
comparing said second trust rating to said predetermined criteria (column 11 lines 1-36), 
wherein if a principal has a certificate designating the principal as a member of a group, 
it is allowed access, otherwise it is not. 

Claim 7 is rejected as applied above in rejecting claim 6. Furthermore, Gasser 
discloses: 

The method of claim 6 further including the step of granting access to said 
resource in response to said indication (column 11 lines 1-6, column 18 lines 18-23). 

Claim 8 is rejected as applied above in rejecting claim 7. Furthermore, Gasser 
discloses: 

The method of claim 7 wherein said resource comprises a file on a file server 
(column 17 lines 47-67, column 18 lines 18-23), wherein the object/resource can be any 
request that can be implemented which can include making requests of a file service. 

Claim 9 is rejected as applied above in rejecting claim 7. Furthermore, Gasser 
discloses: 
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The method of claim 7 wherein said resource comprises a web page (column 17 
lines 47-67, column 18 lines 18-23), wherein the object/resource can be any request 
that can be implemented using an access list, which is known to include web pages. 

Claim 10 is rejected as applied above in rejecting claim 7. Furthermore, Gasser 
discloses: 

The method of claim 7 wherein said resource comprises a secure area (column 
17 lines 47-67, column 18 lines 18-23), wherein the object/resource can be any request 
that can be implemented using an access list. 

Claim 1 1 is rejected as applied above in rejecting claim 7. Furthermore, Gasser 
discloses: 

The method of claim 7 wherein said resource comprises a database (column 17 
lines 47-67, column 18 lines 18-23), wherein the object/resource can be any request 
that can be implemented which can include a database. 

Claim 12 is rejected as applied above in rejecting claim 4. Furthermore, Gasser 
discloses: 

The method of claim 4 wherein said ascertaining step further includes the step of 
obtaining an identity credential trust rating associated with an identity credential within 
said credential path (column 10 lines 7-17, column 10 lines 35-43, column 10 line 66 - 
column 1 1 line 44), wherein a set of certificates (credentials) are used to verify if a user 
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is a member of a group by analyzing different groups/subgroups to determine their 
identity and membership in a particular group. 

7. Claims 14 and 16 are system claims analogous to the method claims 2,4-5, 7-12 
rejected above, and therefore, are rejected following the same reasoning. 

8. Claim 1 8 is a computer program product claim analogous to the method claims 
2,4-5, and 7-12 rejected above, and therefore, is rejected following the same reasoning. 

9. Claim 19 is a computer data signal embodied in a carrier wave (see 101 
rejection) analogous to the method claims 2,4-5, and 7-12 rejected above, and 
therefore, is rejected following the same reasoning. 

10. Claim 20 is a system claim analogous to the method claims 2,4-5, and 7-12 
rejected above, and therefore, is rejected following the same reasoning. 

11. Claims 21-22 are method claims analogous to the method claims 2,4-5 and 7-12 
rejected above, and therefore, is rejected following the same reasoning. 



Conclusion 
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Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Kaveh Abrishamkar whose telephone number is 703- 
305-8892. The examiner can normally be reached on Monday thru Friday 8-5. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh can be reached on 703-305-9648. The fax phone number for 
the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-21 7-91 97 (toll-free). 
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